US7197646B2 - System and method for preventing automated programs in a network - Google Patents

System and method for preventing automated programs in a network Download PDF

Info

Publication number
US7197646B2
US7197646B2 US10/741,838 US74183803A US7197646B2 US 7197646 B2 US7197646 B2 US 7197646B2 US 74183803 A US74183803 A US 74183803A US 7197646 B2 US7197646 B2 US 7197646B2
Authority
US
United States
Prior art keywords
system
software module
service
visual test
access
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active, expires
Application number
US10/741,838
Other versions
US20050138376A1 (en
Inventor
Adam T. Fritz
Yiqing Wang
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Disney Enterprises Inc
Original Assignee
Disney Enterprises Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Disney Enterprises Inc filed Critical Disney Enterprises Inc
Priority to US10/741,838 priority Critical patent/US7197646B2/en
Assigned to DISNEY ENTERPRISES, INC. reassignment DISNEY ENTERPRISES, INC. ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: FRITZ, ADAM T., WANG, YIQING
Publication of US20050138376A1 publication Critical patent/US20050138376A1/en
Application granted granted Critical
Publication of US7197646B2 publication Critical patent/US7197646B2/en
Application status is Active legal-status Critical
Adjusted expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/554Detecting local intrusion or implementing counter-measures involving event detection and direct action
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network

Abstract

A system and method are diminish the use of an automated program in a networked environment. A server can provide access to a service. In addition, a software module provides a client computer with a visual test upon a request transmitted through a network by the client computer for the service. The visual test requires the client computer to perform a predetermined action on a shaped object displayed on a video display in order to gain access to the service. A validation software module receives a request from the software module for the shaped object to be displayed on the video display. Further, the validation software module randomly selects a shaped object to be transmitted to the software module. The validation software module provides the software module with the shaped object. An access software module receives an access instruction from the validation software module if the client computer passes the visual test. The client computer can access the service if the client computer passes the visual test.

Description

BACKGROUND

1. Field of the Invention

This invention relates generally to a method and system for restricting access to electronic services. More particularly, the present invention relates to diminishing the use of automated programs in a networked environment.

2. General Background

Many computer users currently use Internet services such as electronic mail (“e-mail”). The user connects his or her computer to the Internet through an Internet Service Provider (“ISP”). The user can then open an e-mail account through any number of e-mail services. Many of these e-mail services have a registration process in which the user must provide information such as a name, a user name, an address, etc. in order to open an e-mail account. Once an e-mail account is opened, the computer user can then send and receive messages from other computer users that use the Internet.

One of the continual problems facing Internet users is receiving e-mail called SPAM. SPAM is essentially junk e-mail that has relatively little worth to most e-mail users. E-mail users must spend a great deal of time looking through and deleting these unwanted e-mails from their mailboxes in order to keep their mailboxes from exceeding size limits imposed by ISP's. Further, SPAM expends a great deal of bandwidth on the Internet. A large number of resources are needed for transmitting and receiving junk e-mail. As a result, Internet resources that are used for more useful data flow have slower response times and are less efficient.

SPAM can be propagated in many different ways. One of the main causes of SPAM is computers that use scripts to impersonate users. During the registration process for an e-mail address, a computer can use a script to generate multiple e-mail addresses that do not even have a corresponding human user. These multiple e-mail addresses can then be used by the computer to send unwanted e-mail messages to other Internet users.

Computers can also be used to run scripts that send out multiple e-mail messages from a user generated e-mail address or from a script generated e-mail address to the same set of recipients. A computer user would take a great deal of time to send out a large number of e-mail messages to a set of recipients. On the other hand, a computer running a script can transmit e-mail messages at the speed that it would take thousands of computer users to perform the same task in the same amount of time.

Another area of services in which scripts pose a large problem is Internet voting services and Internet contests. The Internet has many web pages in which users can participate in a poll. For instance, users can vote for their favorite musician, artist, athlete, etc. The user can always return to the web page and vote another time, but the chances are small that most users will bother trying to vote again. However, a computer can use a script to vote a large number of times in a very small amount of time. The result is that the voting results are skewed a by a large amount. Further, a user that enters a contest will almost never win if a script places thousands of entries into the same contest.

Some approaches to solving the problem of computers running scripts involve the use of authentication schemes. For instance, a randomly selected string can be modified so that only a human user will be able to guess the result. A string of text can be rearranged over a shaded background so that the user can pick out the text. The user is then required to type in the text that stands out from the background.

A number of problems exist with this type of authentication scheme. Computer users do not want to spend the time to perform tedious tasks such as typing in a string of text to set up an e-mail account or to send an e-mail. Further, the static feature of this type of test allows more advanced image filtering programs to figure out the string. Finally, e-mail software that is dependent on a character set may make international deployment difficult.

SUMMARY

In order to solve the problems discussed above, a system and method are disclosed for diminishing the use of an automated program in a networked environment. In one aspect, a system includes a server that can provide access to a service. Accordingly, the service is stored on a memory associated with server. In addition, a software module is stored on the server. The software module provides a client computer with a visual test upon a request transmitted through a network by the client computer for the service. The visual test is displayed on a video display. Further, the visual test requires the client computer to perform a predetermined action on a shaped object displayed on the video display in order to gain access to the service. In addition, a validation software module is stored on the server. The validation software module receives a request from the software module for the shaped object to be displayed on the video display. Further, the validation software module randomly selects a shaped object to be transmitted to the software module. The validation software module provides the software module with the shaped object. An access software module receives an access instruction from the validation software module if the client computer passes the visual test. The client computer can access the service if the client computer passes the visual test.

In another aspect, a method restricts access of an automated program to computing services. A request to perform a computing service is received. Further, a determination is made as to whether a set of criteria has been met. If the set of criteria has not been met, a visual test is requested. The visual test includes a requirement that a predetermined action on a shaped object take place within a given time period. If the set of criteria has been met or if the predetermined action on the shaped object takes place within the given time period, the computing service is performed.

In another aspect, a system diminishes the use of an automated program in a networked computing environment. The system a server that can provide access to a service. Accordingly, the service is stored on a memory associated with server. In addition, a software module is stored on the server. The software module provides a client computer with a visual test upon a request transmitted through a network by the client computer for the service. The visual test is displayed on a video display. Further, the visual test requires the client computer to perform a predetermined action on a geometric shape displayed on the video display in order to gain access to the service. In addition, a validation software module is stored on the server. The validation software module receives a request from the software module for the geometric shape to be displayed on the video display. Further, the validation software module randomly selects a geometric shape to be transmitted to the software module, wherein the validation software module provides the software module with the geometric shape. An access software module receives an access instruction from the validation software module if the client computer passes the visual test. The client computer can access the service if the client computer passes the visual test.

In yet another aspect, a system diminishes the use of an automated program in a networked computing environment. The system a server that can provide access to a service. Accordingly, the service is stored on a memory associated with server. In addition, a software module is stored on the server. The software module provides a client computer with a visual test upon a request transmitted through a network by the client computer for the service. The visual test is displayed on a video display. Further, the visual test requires the client computer to perform a predetermined action on a non-textual based image displayed on the video display in order to gain access to the service. In addition, a validation software module is stored on the server. The validation software module receives a request from the software module for the non-textual based image to be displayed on the video display. Further, the validation software module randomly selects a non-textual based image to be transmitted to the software module, wherein the validation software module provides the software module with the non-textual based image. An access software module receives an access instruction from the validation software module if the client computer passes the visual test. The client computer can access the service if the client computer passes the visual test.

In another aspect, a method restricts access of an automated program in an electronic mail service. A request is received to send an e-mail message. Further, a determination is made as to whether a maximum number of recipients has been exceeded. A visual test is requested if the maximum number of recipients has been exceeded. The visual test includes a requirement that a predetermined action on a shaped object take place within a given time period. Further, the e-mail message is sent if the set of criteria has been met or if the predetermined action on the shaped object takes place within the given time period.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 illustrates a computing environment in which SPAM is not blocked.

FIG. 2 illustrates a SPAM blocking system which can be used to reduce the amount of SPAM that the SPAM receiving client receives.

FIG. 3 illustrates a video display in which a computer user can compose an e-mail message using the e-mail application.

FIG. 4 illustrates a process for reducing the use of automated scripts in services such as the account registration application, the e-mail application, the poll application, or the contest application.

DETAILED DESCRIPTION OF THE INVENTION

In order to reduce the amount of SPAM that computer users receive, a system and method are disclosed for effectively distinguishing between human users and computer scripted users. The system and method make it difficult for automated scripts or any other automated computer programs to use image filtering programs to gain access to computing services.

FIG. 1 illustrates a computing environment 100 in which SPAM is not blocked. A sending client 102 is a computer from which a user can send an e-mail message. One of ordinary skill in the art will recognize that the sending client 102 can be any computing device such as a personal computer (“PC”), laptop, personal digital assistant (“PDA”), cellular phone, MP3 player, remote control, etc. The sending client 102 connects to a server 106 through the Internet 104. One of ordinary skill in the art will also recognize that this system and method can work in any type of network configuration including but not limited to a wireless network, local area network (“LAN”), world area network (“WAN”), etc. By connecting to the server 106, the sending client 102 is able to use an e-mail service 108 to compose an e-mail message. The server 106 is connected to a database 110 which stores data such as the inbox of the sending client 102. The database 110 can also store data such as an address book so that the user can send an e-mail to another user without having to remember the other user's e-mail address.

After the user composes the e-mail message, the user presses a send button (not shown) to instruct the e-mail service 108 to send the e-mail message to another e-mail address. The e-mail message is then routed through the Internet 104 to the appropriate e-mail address. A receiving client 112 then receives the e-mail message.

While the receiving client 112 is a computer that has a user who wanted to receive an e-mail message from the sending client 102, many computer users receive unwanted SPAM. One of the propagators of SPAM is a script sending client 114 that uses a script 116 to impersonate human users. One of ordinary skill in the art will recognize that the script 116 can be written using any known computer language. After the script sending client 114 connects to the server 106 through the Internet 104, the script sending client can compose a large number of e-mail messages in a short period of time using the e-mail service 108. As a result, a large number of e-mail messages can be transmitted through the Internet 104 to a SPAM receiving client 118.

FIG. 2 illustrates a SPAM blocking system 200 which can be used to reduce the amount of SPAM that the SPAM receiving client 118 (FIG. 1) receives. As illustrated in FIG. 2, the sending client 102 or the script sending client 114 can connect to a SPAM blocking server 220 through the Internet 104. The SPAM blocking server 220 stores an account registration application 222. In one embodiment, the computer user can use the account registration application 222 to create an e-mail account. In another embodiment, the computer user can use the account registration application 222 to subscribe to electronic services such as electronic newsletters, electronic news, e-mail notifications, sports scores, etc. Further, the SPAM blocking server has an e-mail application 224 in which a user can send or receive e-mail using an e-mail account set up through the account registration application. In addition, the SPAM blocking server 220 has a poll application 226 in which the user can vote on a topic displayed on a web page stored in a database 230 associated with the SPAM blocking server 220. Finally, the SPAM blocking server 220 has a contest application 228 in which the computer user can enter a contest to win a prize. One of ordinary skill in the art will recognize that other types of applications such as games, videos, music, computer research, etc. can be provided by the SPAM blocking server 220.

In order for a computer user to use the account registration application 222, the e-mail application 224, the poll application 226, the contest application 228, or any other application restricted in a like manner, the computer user must prove that the computer user is human as opposed to the script 116. An authentication system will now be discussed for differentiating the human computer user from the script 116.

Restrictions on the use of certain applications stored on the SPAM blocking server 220 may invoke a flash application 230 that will provide a visual test for the computer user to pass in order for the restriction to be met. In one embodiment, the flash application 230 provides a visual test when a user attempts to register for an e-mail account using the account registration application 222. The SPAM blocking server 220 will likely want to ensure that all users that register for e-mail accounts are human users, not automated scripts. The SPAM blocking server 220 can have stringent requirements at the outset to preemptively ward off propagators of SPAM. One of ordinary skill in the art will recognize that the flash application 230 is mean to include future developments in graphics software. Future development may lead to graphics software that is even more difficult for image filtering programs to look through.

In one embodiment, a computer user submits identification information (e.g., name, user name, address, etc.) through the account registration application 222. After entering all of the information in the form, the user indicates that he or she has completed the form by pressing a button such as a send button, a complete button, a done button, etc. The flash application 230 then provides a visual test prior to submitting the information for establishing the e-mail account. In one embodiment, the flash application 230 displays a screen that has a randomly selected shaped object positioned at a randomly selected position therein. In one embodiment, the shaped object is a geometric shape. In another embodiment, the shaped object is a cartoon character. For instance, the shaped object can be Mickey Mouse. In another embodiment, the shaped object can be a graphically imaged character. For instance, an image of a person, pet, object, etc. can be graphically encoded to be used as the shaped object. In another embodiment, the shaped object is a graphical icon. For instance, images that are displayed on a computer can be used as the shaped object. In yet another embodiment, the flash application 230 displays a screen that has a randomly selected non-textual image positioned at a randomly selected position therein.

The computer user must select the shape with a mouse pointer to pass the visual test. In one embodiment, the user must select the shape within a given time limit. In another embodiment, if the user does not select the shape within the given time limit, the display screen is erased and another randomly selected shape appears at another randomly selected position within the display screen. In yet another embodiment, the randomly selected shapes at randomly selected positions are chosen and erased for a pre-determined number of times. If the user has not chosen the correct shape within the pre-determined number of displays of randomly selected shapes displayed in randomly selected positions, the user is not allowed to register for an e-mail account.

The use of the flash application 230 to generate the visual test makes the use of image filtering programs very difficult. The flash application 230 only appears to display one shape to the user on the display screen. However, the flash application 230 actually provides a variety of shapes to the display screen which are positioned in different layers of the display screen. In other words, the user only sees one shape on the display screen, but an image filtering program would see a large number of shapes to choose from.

The visual test is not limited to a randomly selected shape appearing at a randomly selected position. In an alternate embodiment, the visual test is a randomly selected shape that moves from one position in the display screen to a variety of different positions in the display screen. The user must “catch” the moving object by placing the mouse pointer over the moving object and by pressing the mouse button when the mouse pointer is over the moving object. An image filtering program will have an even more difficult time determining the location of a moving object and also determining the coordinates for the movement of the mouse pointer to “catch” the moving object. In yet another embodiment, the visual test requires the dragging of an object from a starting position to an ending position. An image filtering program would have great difficulty finding the location of the randomly selected object, determining the distance that the object has to be moved, and providing the coordinates for the positions that the mouse has to drag the object with. In yet another embodiment, the user must drag multiple objects together. For example, the user may have to drag one dot to touch another. The user may also have to put pieces of a puzzle together. In yet another embodiment, a user can shoot an object such as a ball at a target. The user may also be able to use a computerized gun or projectile propagator to send a computerized bullet or computerized projectile at a target in order to pass the visual test. For example, the user may play a computerized basketball to shoot a computerized basketball into a hoop to pass the visual test. The user may also be required to play computerized games such as pinball to pass the visual test.

In yet another embodiment, the flash application 230 can provide a visual test when a user attempts to use the e-mail application 224 to send an e-mail message. The SPAM blocking server 220 will want to prevent automated scripts from sending messages to a large number of recipients. On the other hand, the SPAM blocking server 220 may want to allow a human user to send a large number of messages. In one embodiment, a computer user composes an e-mail message and presses a send button in a graphical user interface (“GUI”). If the number of recipients is greater than a predetermined number of recipients, then the flash application 230 displays a visual test in the GUI. In one embodiment, the visual test is displayed in the same GUI that displays the e-mail message that is being composed. In another embodiment, the visual test is displayed in a separate GUI from the GUI that displays the e-mail message.

In another embodiment, the flash application 230 can provide a visual test when a user attempts to use the poll application 226. After the computer user presses a vote button displayed in a GUI, the flash application 230 can display a visual test that the computer user must pass before the SPAM blocking server 220 will actually place the vote. In another embodiment, the computer user must pass the visual test before having the opportunity to place a vote. One of ordinary skill in the art will recognize that the poll application 226 can be any of a wide variety of computer applications in which a vote is placed.

In another embodiment, the flash application 230 can provide a visual test when a user attempts to use the contest application 228 to enter a contest. One of ordinary skill in the art will recognize that the contest can be a game, sweepstakes, etc. Further, one of ordinary skill in the art will recognize that the contest can be with or without a prize winning.

In yet another embodiment, the flash application 230 can provide a visual test for any type of service that can be provided through a network. The flash application 230 can even be used as an extra layer of security for accessing secure web pages. For example, the visual test can be used as an extra layer of protection besides the use of a user name and a password.

The flash application 230 generates the visual test for the account registration application 222, the e-mail application 224, the poll application 226, or the contest application 228 by communicating with a validation module 232. In one embodiment, the validation module 232 is a validation application programming interface (“API”). In order to create a visual test, the flash application 230 requests a randomly selected geometric shape from the validation module 232. Subsequently, the validation module 232 provides a randomly selected geometric shape and an ID to the flash application 230. In one embodiment, the ID is a transaction ID. In another embodiment, the ID is a transaction ID. In yet another embodiment, the ID is a unique user identification. An example of a unique user identification is a “cookie”. In another embodiment, the ID is an Internet Protocol (“IP”) address. In yet another embodiment, the ID is an IP address and the date that a request for services was sent.

In one embodiment, the validation module 232 requests a randomly selected geometric shape from a SPAM Blocker application 234 which can access an image database 236. In yet another embodiment, the validation module 232 communicates directly with the image database 236.

The ID is a textual string used for identifying the geometric shape that was sent to the flash application 230 at a specific time. The validation module 232 retains a copy of the ID and the geometric shape in a memory associated with the validation module 232 for future lookup. The validation module 232 then sends the geometric shape and the ID to the flash application 230. In one embodiment, the validation module 232 encrypts the data that the validation module 232 provides to the flash application 230. One of ordinary skill in the art will be familiar with the different encryption algorithms. After receiving and decrypting the data (if necessary), the flash application 230 determines a random position within the display of the GUI in which to display the randomly selected geometric shape. In another embodiment, the validation module 232 also randomly selects a variety of additional geometric shapes that can be positioned by the flash application 230 at different layers of the GUI. As discussed above, the use of the additional geometric shapes at different layers of the GUI will help prevent image filtering programs from passing the visual test. In yet another embodiment, the flash application 230 can randomly select the geometric shape and/or the additional geometric shapes.

The flash application 230 can set different criteria for passing the visual test. In one embodiment, the computer user must select the randomly selected and randomly positioned geometric shape within a given time period. If the computer user does not select the randomly selected and randomly positioned geometric shape within the given time period, the computer user does not pass the visual test. If the computer user selects the randomly selected shape, the flash application 230 sends the randomly selected shape chosen by the computer user along with the ID to the validation module 232. In one embodiment, the randomly selected shape and the ID are encrypted by the flash application 230 prior to being sent to the validation module 232. After the validation module 232 receives the randomly selected geometric shape and the ID, the validation module 232 decrypts the randomly selected geometric shape and the ID (if necessary) and compares the randomly selected geometric shape and the ID that were received with the randomly selected geometric shape and the ID that were stored in the memory associated with the flash application 230. If the comparison results in a match, the computer user has passed the visual test. The validation module 232 then sends an access instruction to the Spam Blocker Application 234 which allows the computer user to access the requested service. If the computer user is an automated script, the computer user may attempt to guess a shape and a ID to be sent to the validation module 232. Accordingly, the validation module 232 will compare the received shape and the ID with the randomly selected shape and the ID that the validation module 232 stored in memory. A pure guess by an automated script is unlikely to produce the randomly selected shape and the ID. Therefore, the validation module 232 will likely find an incorrect comparison and deny the computer user access to the requested service.

In one embodiment, the validation module 232 will expire the ID for the randomly selected geometric shape after a comparison is made regardless of whether or not the comparison is successful. If the computer user is an automated script, the computer user may attempt to send a large number of guessed shapes and guessed ID's to the validation module 232. By expiring the current ID for a given randomly selected geometric shape, the validation module 232 further decreases the likelihood that an automated script will gain access to a requested service.

The Spam Blocker Application 234 is essentially a software program that prevents the computer user from accessing a requested service without meeting certain requirements. In one embodiment, the Spam Blocker Application 234 provides permission to the Flash Application 230 for the computer user to access the requested service. In yet another embodiment, the Flash Application 230 provides permission directly to the account registration application 222, the e-mail application 224, the poll application 226, or the contest application 228. In yet another embodiment, the SPAM Blocker Application provides the permission to the Validation Module 232. In one embodiment, the SPAM Blocker requires other criteria be met by other testing applications and provides permission to the Validation Module when these other testing applications have been passed.

One of ordinary skill in the art will recognize that the SPAM blocking system 200 can be applied to other types of applications such as games, videos, music, computer research, etc. The SPAM blocking system 200 can even be used to restrict the viewing of content on a web page.

FIG. 3 illustrates a video display 300 in which a computer user can compose an e-mail message using the e-mail application 224. The video display 300 can be a GUI displayed in a web browser or in another software application. The video display 300 has data entry lines such as a To data entry line 302, a Subject data entry line 304, and a CC data entry line 306. One of ordinary skill in the art will recognize that additional data entry lines such as a From data entry line can be incorporated into the video display. The computer user can enter recipients into the To data entry line 302. In addition, the computer user can enter the text of the e-mail message into a text box 308. After the user has finished composing an e-mail message, the computer user can press a send button 310 to indicate that the e-mail should be sent to the recipient(s). The flash application module 230 (FIG. 2) will request a randomly selected shape from the validation module 232. In one embodiment, the flash application 230 displays a randomly selected shape 312 that the flash application 230 receives from the validation module 232 in a verification display 314. A set of directions 316 is displayed so that the computer user is informed of the action that the computer user must take to pass the visual test displayed in the verification display 314. In one embodiment, the set of directions 316 is constructed according to criteria stored in the flash application 230. If the computer user performs the action as instructed by the set of directions 316 in a given time period, the composed e-mail message is sent to the recipients. On the other hand, if the computer user does not perform the requested action within the given time period, the computer's e-mail message does not get sent to the recipients based on the assumption that a human user would have been able to pass the visual test depicted in the verification display 314. In another embodiment, the computer user is given multiple chances to pass the visual test. For instance, a computer user may get up and walk away from the computer as the visual test is displayed. Therefore, after the given time period has elapsed, another randomly selected shape appears within the verification window. The computer user will only be given a predetermined number of chances. Each of these chances could comprise different visual tests. The visual test on the first chance may be selecting a geometric object while the visual test on the second chance may be dragging a geometric object from a starting position to an ending position. The set of directions 316 would change on each chance to inform the computer user of the requirements need to pass the visual test. By varying the visual test on each chance given to the computer user, an automated script has an even more difficult time in gaining access to the requested services. In yet another embodiment, the computer user is only given subsequent chances if the computer user does not make an attempt at the visual test. In another embodiment, the verification display 314 is a separate screen from the visual display 300. In yet another embodiment, the verification display 314 is displayed in the same web browser but on a different web page from the visual display 300.

One of ordinary skill in the art will recognize that GUI's similar to the visual display 300 can be constructed for services other than the e-mail application 224, e.g. the account registration application 222, the poll application 226, or the contest application 228. Further, one of ordinary skill in the art will recognize that the visual display 300 can be displayed on an LCD screen, a plasma screen, a PDA display, and any other visual medium for displaying data.

FIG. 4 illustrates a process 400 for reducing the use of automated scripts in services such as the account registration application 222, the e-mail application 224, the poll application 226, or the contest application 228. By way of example, the process 400 is explained with respect to the e-mail application 224. After a computer user composes an e-mail message as explained in FIG. 3, the computer user presses the send button 310 at a process block 402 to send the e-mail message the recipient(s). The process 400 then advances to a decision block 404 where the process 400 determines if the number of recipients exceeds a predetermined minimum requirement. Computer users would be inconvenienced if they had to pass the visual test every time they send an a e-mail message to a few people. Therefore, if the number of recipients is less than a predetermined minimum, the process 400 advances to a process block 412 where the e-mail message is sent to the recipient(s). However, if the number of recipients is greater than a predetermined minimum, then the process 400 advances to a process block 406 where the flash application 230 (FIG. 2) requests a randomly generated geometric shape from the validation module 232 based on the assumption that an e-mail sent to a large number of recipients may be made by an automated script. In another embodiment, a maximum number of recipients can also be set and test in the process block 404.

After the flash application 230 receives the randomly selected geometric shape at the process block 406, the flash application 230 selects a random position within the verification display 314 to display the randomly selected geometric shape at a process block 408. The process 400 then advances to a decision block 410 where the process 400 determines if the computer user has selected the geometric shape within a predetermine maximum amount of time. If the computer user selects the geometric shape within the predetermined amount of time, the process 400 assumes that the computer user is a human user and sends the e-mail. However, if the computer user does not select the geometric shape within the predetermine amount of time, the process 400 assumes that the computer user is an automated script and does not send the e-mail message. One of ordinary skill in the art will recognize that other embodiments may include the variations discussed with respect to FIG. 3 for providing the computer user with multiple chances after the maximum period of time has elapsed subject to a maximum number of chances.

While the above description contains many specifics, these should not be construed as limitations on the scope of the invention, but rather as an exemplification of preferred embodiments thereof. The invention includes any combination or subcombination of the elements from the different species and/or embodiments disclosed herein. One skilled in the art will recognize that these features, and thus the scope of the present invention, should be interpreted in light of the following claims and any equivalents thereto.

Claims (64)

1. A system for diminishing the use of an automated program in a networked computing environment comprising:
a server that can provide access to a service, wherein the service is stored on a memory associated with the server;
a visual test software module associated with the server, wherein the visual test software module is capable of providing a client computer with a visual test upon a request transmitted through a network by the client computer for the service, wherein the visual test is displayed on a video display, wherein the visual test enables the client computer to perform a predetermined action over a shaped object displayed on the video display in order to gain access to the service, wherein the predetermined action over the shaped object causes movement of the shaped object within the video display;
a validation software module associated with the server, wherein the validation software module receives a request from the software module for the shaped object to be displayed on the video display, wherein the validation software module randomly selects the shaped object to be transmitted to the visual test software module and provides the visual test software module with the shaped object; and
an access software module, wherein the access software module receives an access instruction from the validation software module and provides access to the service upon successful execution of the visual test.
2. The system of claim 1, wherein the visual test software module is a flash software module.
3. The system of claim 1, wherein the validation software module provides an id along with the shaped object to the visual test software module.
4. The system of claim 3, wherein the id is a session id.
5. The system of claim 3, wherein the id is a unique user identifier.
6. The system of claim 3, wherein the id is an ip address.
7. The system of claim 3, wherein the id is the ip address and time that the request was made.
8. The system of claim 3, wherein the visual test software module provides the id along with a user selected shaped object to the validation software module.
9. The system of claim 8, wherein the validation software module determines if the user selected shaped object and the associated id that the validation software module receives from the visual test software module are identical to the id and the shaped object that the validation software module previously sent to the visual test software module.
10. The system of claim 9, wherein the validation software module provides an access instruction to the access module.
11. The system of claim 10, wherein the access module provides the client computer access to the service.
12. The system of claim 10, wherein the id expires after the validation software module determines if the user selected shaped object and the associated id that the validation software module receives from the visual test software module are identical to the id and the shaped object that the validation software module previously sent to the validation software module.
13. The system of claim 1, wherein the validation module provides a plurality of false shapes to the visual test software module in order to make image filtering more difficult.
14. The system of claim 1, wherein the predetermined action comprises a selection with a mouse pointer of the shaped object displayed within the video display within a predetermined time period.
15. The system of claim 1, wherein the predetermined action comprises a dragging of the shaped object displayed within the video display within a predetermined time period.
16. The system of claim 1, wherein the shaped object is a geometric shape.
17. The system of claim 1, wherein the shaped object is a cartoon character.
18. The system of claim 1, wherein the shaped object is a graphically imaged character.
19. The system of claim 1, wherein the shaped object is a graphical icon.
20. The system of claim 1, wherein the service is an account registration service.
21. The system of claim 20, wherein an e-mail account can be created with the account registration service.
22. The system of claim 21, wherein an electronic subscription can be created with the account registration service.
23. The system of claim 1, wherein the service is an electronic mail service.
24. The system of claim 1, wherein the service is a poll service.
25. The system of claim 1, wherein the service is a contest service.
26. The system of claim 1, wherein the service is access to web-based content.
27. The system of claim 1, wherein the service is access to electronic content.
28. The system of claim 1, wherein the automated program is an automated script.
29. The system of claim 1, wherein the network is the Internet.
30. The system of claim 1, wherein the network is a wireless network.
31. The system of claim 1, wherein the network is a local area network.
32. The system of claim 1, wherein the network is a world area network.
33. A system for diminishing the use of an automated program in a networked computing environment comprising:
a server that can provide access to a service, wherein the service is stored on a memory associated with the server;
a visual test software module associated with the server, wherein the visual test software module is capable of providing a client computer with a visual test upon a request transmitted through a network by the client computer for the service, wherein the visual test is displayed on a video display, wherein the visual test enables the client computer to perform a predetermined action over a non-textual based image displayed on the video display in order to gain access to the service, wherein the predetermined action causes movement of the non-textual based image within the video display;
a validation software module associated with the server, wherein the validation software module receives a request from the visual test software module for the non-textual based image to be displayed on the video display, wherein the validation software module randomly selects a non-textual based image to be transmitted to the visual test software module and provides the visual test software module with the non-textual based image; and
an access software module, wherein the access software module receives an access instruction from the validation software module and provides access to the service upon successful execution of the visual test.
34. The system of claim 33, wherein the visual test software module is a flash software module.
35. The system of claim 33, wherein the validation software module provides an id along with the non-textual based image to the visual test software module.
36. The system of claim 35, wherein the id is a session id.
37. The system of claim 35, wherein the id is a unique user identifier.
38. The system of claim 35, wherein the id is an ip address.
39. The system of claim 35, wherein the id is the ip address and time that the request was made.
40. The system of claim 35, wherein the visual test software module provides the id along with a user selected non-textual based image to the validation software module.
41. The system of claim 40, wherein the validation software module determines if the user selected shaped object and the associated id that the validation software module receives from the visual test software module are identical to the id and the shaped object that the validation software module previously sent to the visual test software module.
42. The system of claim 41, wherein the validation software module provides an access instruction to the access module.
43. The system of claim 42, wherein the access module provides the client computer access to the service.
44. The system of claim 42, wherein the id expires after the validation software module determines if the user selected non-textual based image and the associated id that the validation software module receives from the visual test software module are identical to the id and the non-textual based image that the validation software module previously sent to the validation software module.
45. The system of claim 33, wherein the validation module provides a plurality of false shapes to the visual test software module in order to make image filtering more difficult.
46. The system of claim 33, wherein the predetermined action comprises a selection with a mouse pointer of the non-textual based image displayed within the video display within a predetermined time period.
47. The system of claim 33, wherein the predetermined action comprises a dragging of the non-textual based image displayed within the video display within a predetermined time period.
48. The system of claim 33, wherein the non-textual based image is a geometric shape.
49. The system of claim 33, wherein the non-textual based image is a cartoon character.
50. The system of claim 33, wherein the non-textual based image is a graphically imaged character.
51. The system of claim 33, wherein the non-textual based image is a graphical icon.
52. The system of claim 33, wherein the service is an account registration service.
53. The system of claim 52, wherein an e-mail account can be created with the account registration service.
54. The system of claim 53, wherein an electronic subscription can be created with the account registration service.
55. The system of claim 33, wherein the service is an electronic mail service.
56. The system of claim 33, wherein the service is a poll service.
57. The system of claim 33, wherein the service is a contest service.
58. The system of claim 33, wherein the service is access to web-based content.
59. The system of claim 33, wherein the service is access to electronic content.
60. The system of claim 33, wherein the automated program is an automated script.
61. The system of claim 33, wherein the network is the Internet.
62. The system of claim 33, wherein the network is a wireless network.
63. The system of claim 33, wherein the network is a local area network.
64. The system of claim 33, wherein the network is a world area network.
US10/741,838 2003-12-19 2003-12-19 System and method for preventing automated programs in a network Active 2024-06-25 US7197646B2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
US10/741,838 US7197646B2 (en) 2003-12-19 2003-12-19 System and method for preventing automated programs in a network

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US10/741,838 US7197646B2 (en) 2003-12-19 2003-12-19 System and method for preventing automated programs in a network
PCT/US2004/042348 WO2005062775A2 (en) 2003-12-19 2004-12-16 System and method for preventing automated programs in a network

Publications (2)

Publication Number Publication Date
US20050138376A1 US20050138376A1 (en) 2005-06-23
US7197646B2 true US7197646B2 (en) 2007-03-27

Family

ID=34678285

Family Applications (1)

Application Number Title Priority Date Filing Date
US10/741,838 Active 2024-06-25 US7197646B2 (en) 2003-12-19 2003-12-19 System and method for preventing automated programs in a network

Country Status (2)

Country Link
US (1) US7197646B2 (en)
WO (1) WO2005062775A2 (en)

Cited By (36)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070026372A1 (en) * 2005-07-27 2007-02-01 Huelsbergen Lorenz F Method for providing machine access security by deciding whether an anonymous responder is a human or a machine using a human interactive proof
US20080301778A1 (en) * 2007-05-30 2008-12-04 Adam Fritz System And Method For Preventing Automated Programs and Unauthorized Users In A Network
US20090012855A1 (en) * 2007-07-06 2009-01-08 Yahoo! Inc. System and method of using captchas as ads
US20090083826A1 (en) * 2007-09-21 2009-03-26 Microsoft Corporation Unsolicited communication management via mobile device
US7512978B1 (en) 2008-02-24 2009-03-31 International Business Machines Corporation Human-read-only configured e-mail
US20090199272A1 (en) * 2008-02-06 2009-08-06 Arcot Systems, Inc. Authentication using a turing test to block automated attacks
US20090204819A1 (en) * 2008-02-07 2009-08-13 Microsoft Corporation Advertisement-based human interactive proof
US20090210937A1 (en) * 2008-02-15 2009-08-20 Alexander Kraft Captcha advertising
US20090228910A1 (en) * 2008-03-04 2009-09-10 Nagravision Sa Method for authenticating the presence of a viewer during a presentation of video content
US20090235327A1 (en) * 2008-03-11 2009-09-17 Palo Alto Research Center Incorporated Selectable captchas
US20090297064A1 (en) * 2008-05-30 2009-12-03 Koziol Jason D Method and system for generating a representation symbol as an identification challenge
US20100046790A1 (en) * 2008-08-22 2010-02-25 Koziol Anthony R Method and system for generating a symbol identification challenge
US20100302255A1 (en) * 2009-05-26 2010-12-02 Dynamic Representation Systems, LLC-Part VII Method and system for generating a contextual segmentation challenge for an automated agent
US20100318669A1 (en) * 2009-06-16 2010-12-16 Kevin Chugh Human Interactive Proof System and Apparatus that Enables Public Contribution of Challenges for Determining Whether an Agent is a Computer or a Human
US20110029781A1 (en) * 2009-07-31 2011-02-03 International Business Machines Corporation System, method, and apparatus for graduated difficulty of human response tests
US20110113388A1 (en) * 2008-04-22 2011-05-12 The 41St Parameter, Inc. Systems and methods for security management based on cursor events
US7945952B1 (en) * 2005-06-30 2011-05-17 Google Inc. Methods and apparatuses for presenting challenges to tell humans and computers apart
US20110191820A1 (en) * 2010-01-29 2011-08-04 Christopher Liam Ivey System and Method for Restricting Access to a Computer System to Live Persons by Means of Semantic Association of Images
US8037148B1 (en) * 2009-10-06 2011-10-11 Csn-Ip, Llc System and method for authorizing polling selections
US20120144004A1 (en) * 2010-03-29 2012-06-07 Rakuten, Inc. Authentication server apparatus, authentication server apparatus-use program and authentication method
US8296659B1 (en) * 2007-10-19 2012-10-23 Cellco Partnership Method for distinguishing a live actor from an automation
US8627407B1 (en) * 2008-06-27 2014-01-07 Symantec Corporation Systems and methods for preventing unauthorized modification of network resources
US8805688B2 (en) 2007-04-03 2014-08-12 Microsoft Corporation Communications using different modalities
US8949141B2 (en) 2008-12-19 2015-02-03 Nagravision S.A. Method for accessing goods or services following an action performed by a viewer of broadcast program content
US8983051B2 (en) 2007-04-03 2015-03-17 William F. Barton Outgoing call classification and disposition
WO2016020767A1 (en) 2014-08-07 2016-02-11 The Registrar, Graphic Era University A system and method for security enhancement
US9521551B2 (en) 2012-03-22 2016-12-13 The 41St Parameter, Inc. Methods and systems for persistent cross-application mobile device identification
US9633201B1 (en) 2012-03-01 2017-04-25 The 41St Parameter, Inc. Methods and systems for fraud containment
US9703983B2 (en) 2005-12-16 2017-07-11 The 41St Parameter, Inc. Methods and apparatus for securely displaying digital images
US9754256B2 (en) 2010-10-19 2017-09-05 The 41St Parameter, Inc. Variable risk engine
US9754311B2 (en) 2006-03-31 2017-09-05 The 41St Parameter, Inc. Systems and methods for detection of session tampering and fraud prevention
US9948629B2 (en) 2009-03-25 2018-04-17 The 41St Parameter, Inc. Systems and methods of sharing information through a tag-based consortium
US9990631B2 (en) 2012-11-14 2018-06-05 The 41St Parameter, Inc. Systems and methods of global identification
US10091312B1 (en) 2014-10-14 2018-10-02 The 41St Parameter, Inc. Data structures for intelligently resolving deterministic and probabilistic device identifiers to device profiles and/or groups
US10417637B2 (en) 2012-08-02 2019-09-17 The 41St Parameter, Inc. Systems and methods for accessing records via derivative locators
US10413172B2 (en) 2017-12-11 2019-09-17 1-800 Contacts, Inc. Digital visual acuity eye examination for remote physician assessment

Families Citing this family (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7139916B2 (en) * 2002-06-28 2006-11-21 Ebay, Inc. Method and system for monitoring user interaction with a computer
US20060168042A1 (en) * 2005-01-07 2006-07-27 International Business Machines Corporation Mechanism for mitigating the problem of unsolicited email (also known as "spam"
GB0523995D0 (en) * 2005-11-25 2006-01-04 Ibm Method,system and computer program product for access control
US20070143830A1 (en) * 2005-12-20 2007-06-21 International Business Machines Corporation Method, apparatus and system for preventing unauthorized access to password-protected system
US7891005B1 (en) * 2006-08-10 2011-02-15 Google Inc. Verifying human interaction via rotated images
US8631467B2 (en) * 2006-09-01 2014-01-14 Ebay Inc. Contextual visual challenge image for user verification
US20080209223A1 (en) * 2007-02-27 2008-08-28 Ebay Inc. Transactional visual challenge image for user verification
US9264438B1 (en) * 2007-05-25 2016-02-16 Michael J. Vandemar Method of advertising using an electronic processor authorization challenge
US8627419B1 (en) * 2007-05-25 2014-01-07 Michael J VanDeMar Multiple image reverse turing test
US8631503B2 (en) * 2007-10-03 2014-01-14 Ebay Inc. System and methods for key challenge validation
US20090228975A1 (en) * 2008-03-06 2009-09-10 International Business Machines Corporation Methods, systems and computer program products for creating secured access codes via continuous information
US8959621B2 (en) * 2009-12-22 2015-02-17 Disney Enterprises, Inc. Human verification by contextually iconic visual public turing test
US20130036342A1 (en) * 2011-08-05 2013-02-07 Shekhar Deo System and method for creating and implementing dynamic, interactive and effective multi-media objects with human interaction proof (hip) capabilities
US9621528B2 (en) 2011-08-05 2017-04-11 24/7 Customer, Inc. Creating and implementing scalable and effective multimedia objects with human interaction proof (HIP) capabilities, with challenges comprising secret question and answer created by user, and advertisement corresponding to the secret question
US9015810B2 (en) 2012-08-23 2015-04-21 Tata Consultancy Services Limited System and method for authenticating manual interaction in a computing environment
CN103034444A (en) * 2012-12-13 2013-04-10 鸿富锦精密工业(深圳)有限公司 Electronic device and method thereof for quickly sending mail
CN104660549B (en) * 2013-11-19 2017-12-15 深圳市腾讯计算机系统有限公司 Method and apparatus for authentication
US9417868B2 (en) * 2014-01-09 2016-08-16 Bank Of America Corporation Entity wide software tracking and maintenance reporting tool

Citations (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4964163A (en) 1988-04-04 1990-10-16 Motorola, Inc. Method and apparatus for controlling access to a communication system
US5163097A (en) 1991-08-07 1992-11-10 Dynamicserve, Ltd. Method and apparatus for providing secure access to a limited access system
US5345549A (en) 1992-10-30 1994-09-06 International Business Machines Corporation Multimedia based security systems
US5497422A (en) * 1993-09-30 1996-03-05 Apple Computer, Inc. Message protection mechanism and graphical user interface therefor
US5608387A (en) * 1991-11-30 1997-03-04 Davies; John H. E. Personal identification devices and access control systems
US6134657A (en) 1991-11-18 2000-10-17 International Business Machines Corporation Method and system for access validation in a computer system
US6195698B1 (en) * 1998-04-13 2001-02-27 Compaq Computer Corporation Method for selectively restricting access to computer systems
US6209104B1 (en) * 1996-12-10 2001-03-27 Reza Jalili Secure data entry and visual authentication system and method
US20020178058A1 (en) 2001-03-22 2002-11-28 Arlen Ritchie Method of communicating over an interactive medium
US6615264B1 (en) 1999-04-09 2003-09-02 Sun Microsystems, Inc. Method and apparatus for remotely administered authentication and access control
US20040199597A1 (en) * 2003-04-04 2004-10-07 Yahoo! Inc. Method and system for image verification to prevent messaging abuse
US6980081B2 (en) * 2002-05-10 2005-12-27 Hewlett-Packard Development Company, L.P. System and method for user authentication

Patent Citations (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4964163A (en) 1988-04-04 1990-10-16 Motorola, Inc. Method and apparatus for controlling access to a communication system
US5163097A (en) 1991-08-07 1992-11-10 Dynamicserve, Ltd. Method and apparatus for providing secure access to a limited access system
US6134657A (en) 1991-11-18 2000-10-17 International Business Machines Corporation Method and system for access validation in a computer system
US5608387A (en) * 1991-11-30 1997-03-04 Davies; John H. E. Personal identification devices and access control systems
US5345549A (en) 1992-10-30 1994-09-06 International Business Machines Corporation Multimedia based security systems
US5497422A (en) * 1993-09-30 1996-03-05 Apple Computer, Inc. Message protection mechanism and graphical user interface therefor
US6209104B1 (en) * 1996-12-10 2001-03-27 Reza Jalili Secure data entry and visual authentication system and method
US6195698B1 (en) * 1998-04-13 2001-02-27 Compaq Computer Corporation Method for selectively restricting access to computer systems
US6615264B1 (en) 1999-04-09 2003-09-02 Sun Microsystems, Inc. Method and apparatus for remotely administered authentication and access control
US20020178058A1 (en) 2001-03-22 2002-11-28 Arlen Ritchie Method of communicating over an interactive medium
US6980081B2 (en) * 2002-05-10 2005-12-27 Hewlett-Packard Development Company, L.P. System and method for user authentication
US20040199597A1 (en) * 2003-04-04 2004-10-07 Yahoo! Inc. Method and system for image verification to prevent messaging abuse

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
Carnegie Melon School Of Computer Science, Bongo, Copyright 2000-2003, The CAPTCHA Project, All rights reserved, (p. 1 of 1).
von Ahn et al., The CAPTCHA Project, Sep. 26, 2002, Nov. 24, 2002, www.captcha.net, retrieved Aug. 17, 2005 *
von Ahn et al., The CAPTCHA Project, Sep. 26, 2002, Nov. 24, 2002, www.captcha.net. *

Cited By (48)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7945952B1 (en) * 2005-06-30 2011-05-17 Google Inc. Methods and apparatuses for presenting challenges to tell humans and computers apart
US20070026372A1 (en) * 2005-07-27 2007-02-01 Huelsbergen Lorenz F Method for providing machine access security by deciding whether an anonymous responder is a human or a machine using a human interactive proof
US9703983B2 (en) 2005-12-16 2017-07-11 The 41St Parameter, Inc. Methods and apparatus for securely displaying digital images
US9754311B2 (en) 2006-03-31 2017-09-05 The 41St Parameter, Inc. Systems and methods for detection of session tampering and fraud prevention
US10089679B2 (en) 2006-03-31 2018-10-02 The 41St Parameter, Inc. Systems and methods for detection of session tampering and fraud prevention
US8677247B2 (en) 2007-02-23 2014-03-18 Cellco Partnership Method for distinguishing a live actor from an automation
US8805688B2 (en) 2007-04-03 2014-08-12 Microsoft Corporation Communications using different modalities
US8983051B2 (en) 2007-04-03 2015-03-17 William F. Barton Outgoing call classification and disposition
US8505071B2 (en) * 2007-05-30 2013-08-06 Disney Enterprises, Inc. Preventing automated programs and unauthorized users in a network
US20080301778A1 (en) * 2007-05-30 2008-12-04 Adam Fritz System And Method For Preventing Automated Programs and Unauthorized Users In A Network
US20090012855A1 (en) * 2007-07-06 2009-01-08 Yahoo! Inc. System and method of using captchas as ads
US20090083826A1 (en) * 2007-09-21 2009-03-26 Microsoft Corporation Unsolicited communication management via mobile device
US8296659B1 (en) * 2007-10-19 2012-10-23 Cellco Partnership Method for distinguishing a live actor from an automation
US8869238B2 (en) 2008-02-06 2014-10-21 Ca, Inc. Authentication using a turing test to block automated attacks
US20090199272A1 (en) * 2008-02-06 2009-08-06 Arcot Systems, Inc. Authentication using a turing test to block automated attacks
US20090204819A1 (en) * 2008-02-07 2009-08-13 Microsoft Corporation Advertisement-based human interactive proof
US20090210937A1 (en) * 2008-02-15 2009-08-20 Alexander Kraft Captcha advertising
US7512978B1 (en) 2008-02-24 2009-03-31 International Business Machines Corporation Human-read-only configured e-mail
US20090228910A1 (en) * 2008-03-04 2009-09-10 Nagravision Sa Method for authenticating the presence of a viewer during a presentation of video content
US20090235327A1 (en) * 2008-03-11 2009-09-17 Palo Alto Research Center Incorporated Selectable captchas
US8307407B2 (en) 2008-03-11 2012-11-06 Palo Alto Research Center Incorporated Selectable captchas
US9396331B2 (en) 2008-04-22 2016-07-19 The 41St Parameter, Inc. Systems and methods for security management based on cursor events
US20110113388A1 (en) * 2008-04-22 2011-05-12 The 41St Parameter, Inc. Systems and methods for security management based on cursor events
US20090297064A1 (en) * 2008-05-30 2009-12-03 Koziol Jason D Method and system for generating a representation symbol as an identification challenge
US8627407B1 (en) * 2008-06-27 2014-01-07 Symantec Corporation Systems and methods for preventing unauthorized modification of network resources
US20100046790A1 (en) * 2008-08-22 2010-02-25 Koziol Anthony R Method and system for generating a symbol identification challenge
US8949141B2 (en) 2008-12-19 2015-02-03 Nagravision S.A. Method for accessing goods or services following an action performed by a viewer of broadcast program content
US9948629B2 (en) 2009-03-25 2018-04-17 The 41St Parameter, Inc. Systems and methods of sharing information through a tag-based consortium
US20100302255A1 (en) * 2009-05-26 2010-12-02 Dynamic Representation Systems, LLC-Part VII Method and system for generating a contextual segmentation challenge for an automated agent
US20100318669A1 (en) * 2009-06-16 2010-12-16 Kevin Chugh Human Interactive Proof System and Apparatus that Enables Public Contribution of Challenges for Determining Whether an Agent is a Computer or a Human
US20110029781A1 (en) * 2009-07-31 2011-02-03 International Business Machines Corporation System, method, and apparatus for graduated difficulty of human response tests
US8589694B2 (en) * 2009-07-31 2013-11-19 International Business Machines Corporation System, method, and apparatus for graduated difficulty of human response tests
US8037148B1 (en) * 2009-10-06 2011-10-11 Csn-Ip, Llc System and method for authorizing polling selections
US20110191820A1 (en) * 2010-01-29 2011-08-04 Christopher Liam Ivey System and Method for Restricting Access to a Computer System to Live Persons by Means of Semantic Association of Images
US8707453B2 (en) * 2010-01-29 2014-04-22 Christopher Liam Ivey System and method for restricting access to a computer system to live persons by means of semantic association of images
US20120144004A1 (en) * 2010-03-29 2012-06-07 Rakuten, Inc. Authentication server apparatus, authentication server apparatus-use program and authentication method
US9348986B2 (en) * 2010-03-29 2016-05-24 Rakuten, Inc. Authentication server apparatus, authentication server apparatus-use program and authentication method
US9754256B2 (en) 2010-10-19 2017-09-05 The 41St Parameter, Inc. Variable risk engine
US9633201B1 (en) 2012-03-01 2017-04-25 The 41St Parameter, Inc. Methods and systems for fraud containment
US10341344B2 (en) 2012-03-22 2019-07-02 The 41St Parameter, Inc. Methods and systems for persistent cross-application mobile device identification
US9521551B2 (en) 2012-03-22 2016-12-13 The 41St Parameter, Inc. Methods and systems for persistent cross-application mobile device identification
US10021099B2 (en) 2012-03-22 2018-07-10 The 41st Paramter, Inc. Methods and systems for persistent cross-application mobile device identification
US10417637B2 (en) 2012-08-02 2019-09-17 The 41St Parameter, Inc. Systems and methods for accessing records via derivative locators
US10395252B2 (en) 2012-11-14 2019-08-27 The 41St Parameter, Inc. Systems and methods of global identification
US9990631B2 (en) 2012-11-14 2018-06-05 The 41St Parameter, Inc. Systems and methods of global identification
WO2016020767A1 (en) 2014-08-07 2016-02-11 The Registrar, Graphic Era University A system and method for security enhancement
US10091312B1 (en) 2014-10-14 2018-10-02 The 41St Parameter, Inc. Data structures for intelligently resolving deterministic and probabilistic device identifiers to device profiles and/or groups
US10413172B2 (en) 2017-12-11 2019-09-17 1-800 Contacts, Inc. Digital visual acuity eye examination for remote physician assessment

Also Published As

Publication number Publication date
US20050138376A1 (en) 2005-06-23
WO2005062775A2 (en) 2005-07-14
WO2005062775A3 (en) 2006-03-09

Similar Documents

Publication Publication Date Title
JP4887365B2 (en) Electronic message system and method with reduced traceability
US8510814B2 (en) Method and apparatus for network authentication of human interaction and user identity
Chiasson et al. Persuasive cued click-points: Design, implementation, and evaluation of a knowledge-based authentication mechanism
Suo et al. Graphical passwords: A survey
US7188314B2 (en) System and method for user authentication interface
US6732278B2 (en) Apparatus and method for authenticating access to a network resource
US8910251B2 (en) Using social information for authenticating a user session
US7930350B2 (en) Digital image sharing enabled chat application
US7500099B1 (en) Method for mitigating web-based “one-click” attacks
Thompson Google's China Problem
US10264095B2 (en) Control for inviting an unauthenticated user to gain access to display of content that is otherwise accessible with an authentication mechanism
EP2266252B1 (en) Systems and methods for implementing and tracking identification tests
US9100194B2 (en) Method and apparatus for providing authentication between a sending unit and a recipient based on challenge usage data
US8112817B2 (en) User-centric authentication system and method
US7085806B1 (en) Method and apparatus for recommending a match to another
US8959621B2 (en) Human verification by contextually iconic visual public turing test
JP4948400B2 (en) Method and apparatus for providing electronic message authentication
US20090187986A1 (en) Authentication server, authentication method and authentication program
JP5237483B2 (en) Computer-implemented authentication method
US7152244B2 (en) Techniques for detecting and preventing unintentional disclosures of sensitive data
US9311466B2 (en) User authentication for social networks
CN1879097B (en) Method and system for starting up communication between users in a multi-user communication network environment
US20060149970A1 (en) Authentication method and device
US8495358B2 (en) Software based multi-channel polymorphic data obfuscation
KR100812411B1 (en) Methods and systems for graphical image authentication

Legal Events

Date Code Title Description
AS Assignment

Owner name: DISNEY ENTERPRISES, INC., CALIFORNIA

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:FRITZ, ADAM T.;WANG, YIQING;REEL/FRAME:014557/0260

Effective date: 20040421

STCF Information on status: patent grant

Free format text: PATENTED CASE

FPAY Fee payment

Year of fee payment: 4

FPAY Fee payment

Year of fee payment: 8

MAFP Maintenance fee payment

Free format text: PAYMENT OF MAINTENANCE FEE, 12TH YEAR, LARGE ENTITY (ORIGINAL EVENT CODE: M1553); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

Year of fee payment: 12